Pareto-optimal Defenses for the Web Infrastructure: Theory and Practice

Tizio, Giorgio Di; Speicher, Patrick; Simeonovski, Milivoj; Backes, Michael; Stock, Ben; Künnemann, Robert

doi:10.1145/3567595

Cited by 3 publications

(3 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We run experiments on Speicher et al's (2018a) Stackelberg variants of IPC and pentesting benchmarks, on variants of these benchmarks scaled to have many objects, and on web infrastructure defense-attack models as per Tizio et al (2022). Our experiments show that, while lifted Stackelberg planning is inferior on small tasks, it is typically vastly superior on large tasks.…”

Section: Introductionmentioning

confidence: 94%

“…Stackelberg planning is a natural tool for analyzing countermeasures in security applications, e.g., network penetration testing (Boddy et al 2005;Hoffmann 2015) or emailinfrastructure threat analysis (Speicher et al 2018b), the leader modeling defense mechanisms against attack vectors represented by the follower. Recently, Tizio et al (2022) used Stackelberg planning for analyzing the open web infrastructure, but found that off-the-shelf planners suffer from poor scalability. With instances that easily contain many thousands of objects, Tizio et al quickly identified the grounding preprocess as a major bottleneck.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Lifted Stackelberg Planning

Sauer

Steinmetz

Künnemann

et al. 2023

ICAPS

View full text Add to dashboard Cite

In Stackelberg planning, a leader and a follower each choose a plan in the same planning task, the leader's objective being to maximize plan cost for the follower. This formulation naturally captures, among others, security-related scenarios where the leader defends an infrastructure against subsequent attacks by the follower. Indeed, Stackelberg planning has been applied to the analysis of email infrastructure security. At web scale, however, the planning tasks involved easily contain tens of thousands of objects, so that grounding becomes the bottleneck. Here we introduce a lifted form of Stackelberg planning to address this. We devise leader-follower search algorithms working at the level of the PDDL-style input model to the extent possible. Our experiments show that, in Stackelberg tasks with many objects, including in particular models of web infrastructure security, our lifted algorithms outperform grounded Stackelberg planning.

show abstract

Section: Introductionmentioning

confidence: 94%

Section: Introductionmentioning

confidence: 99%

Lifted Stackelberg Planning

Sauer

Steinmetz

Künnemann

et al. 2023

ICAPS

View full text Add to dashboard Cite

show abstract

“…The objective of the first player (called the leader) is to choose and to play a plan that maximally raises the cost of the second player (the follower) to subsequently achieve its goal. This type of planning is useful for real-world adversarial settings commonly found in the cyber-security domain (Speicher et al 2018b;Di Tizio et al 2023). To solve Stackelberg planning tasks, there so far exists just a single generic algorithm paradigm called leader-follower search (Speicher et al 2018a), which searches over possible leader plans, solving a classical planning task for each.…”

Section: Introductionmentioning

confidence: 99%

On the Computational Complexity of Stackelberg Planning and Meta-Operator Verification

Behnke,

Steinmetz

2024

ICAPS

View full text Add to dashboard Cite

Stackelberg planning is a recently introduced single-turn two-player adversarial planning model, where two players are acting in a joint classical planning task, the objective of the first player being hampering the second player from achieving its goal. This places the Stackelberg planning problem somewhere between classical planning and general combinatorial two-player games. But, where exactly? All investigations of Stackelberg planning so far focused on practical aspects. We close this gap by conducting the first theoretical complexity analysis of Stackelberg planning. We show that in general Stackelberg planning is actually no harder than classical planning. Under a polynomial plan-length restriction, however, Stackelberg planning is a level higher up in the polynomial complexity hierarchy, suggesting that compilations into classical planning come with a worst-case exponential plan-length increase. In attempts to identify tractable fragments, we further study its complexity under various planning task restrictions, showing that Stackelberg planning remains intractable where classical planning is not. We finally inspect the complexity of meta-operator verification, a problem that has been recently connected to Stackelberg planning.

show abstract